Tails: the operating system that blew open the NSA

Courtesy Klint Finley, Wired.co.uk

When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA’s prying eyes. It’s called Tails. And naturally, nobody knows exactly who created it.

Tails is a kind of computer-in-a-box. You install it on a DVD or USB drive, boot up the computer from the drive and, voila, you’re pretty close to anonymous on the internet. At its heart, Tails is a version of the Linux operating system optimized for anonymity. It comes with several privacy and encryption tools, most notably Tor, an application that anonymizes a user’s internet traffic by routing it through a network of computers run by volunteers around the world.

Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn’t store any data locally. This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.

"The installation and verification has a learning curve to make sure it is installed correctly," Poitras told Wired by e-mail. "But once the set up is done, I think it is very easy to use."

An operating system for anonymityOriginally developed as a research project by the U.S. Naval Research Laboratory, Tor has been used by a wide range of people who care about online anonymity: everyone from Silk Road drug dealers, to activists, whistleblowers, stalking victims and people who simply like their online privacy.

Tails makes it much easier to use Tor and other privacy tools. Once you boot into Tails — which requires no special setup — Tor runs automatically. When you’re done using it, you can boot back into your PC’s normal operating system, and no history from your Tails session will remain.

The developers of Tails are, appropriately, anonymous. All of Wired’s questions were collectively –and anonymously — answered by the group’s members via email.

They’re protecting their identities, in part, to help protect the code from government interference. "The NSA has been pressuring free software projects and developers in various ways," the group says, referring to a conference last year at which Linux creator Linus Torvalds implied that the NSA had asked him place a backdoor in the operating system.

But the Tails team is also trying to strike a blow against the widespread erosion of online privacy. "The masters of today’s Internet, namely the marketing giants like Google, Facebook, and Yahoo, and the spying agencies, really want our lives to be more and more transparent online, and this is only for their own benefit," the group says. "So trying to counterbalance this tendency seems like a logical position for people developing an operating system that defends privacy and anonymity online."

But since we don’t know who wrote Tails, how do we now it isn’t some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it’s bad for the NSA, it’s safe to say it’s good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. "Some of us simply believe that our work, what we do, and how we do it, should be enough to trust Tails, without the need of us using our legal names," the group says.

According to the group, Tails began five years ago. "At that time some of us were already Tor enthusiasts and had been involved in free software communities for years," they says. "But we felt that something was missing to the panorama: a toolbox that would bring all the essential privacy enhancing technologies together and made them ready to use and accessible to a larger public."

The developers initially called their project Amnesia and based it on an existing operating system called Incognito. Soon the Amnesia and Incognito projects merged into Tails, which stands for The Amnesic Incognito Live System.

And while the core Tails group focuses on developing the operating system for laptops and desktop computers, a separate group is making a mobile version that can run on Android and Ubuntu tablets, provided the user has root access to the device.

Know your limitationsIn addition to Tor, Tails includes privacy tools like PGP, the password management system KeePassX, and the chat encryption plugin Off-the-Record. But Tails doesn’t just bundle a bunch of off the shelf tools into a single package. Many of the applications have been modified to improve the privacy of its users.

But no operating system or privacy tool can guarantee complete protection in all situations.

Although Tails includes productivity applications like OpenOffice, GIMP and Audacity, it doesn’t make a great everyday operating system. That’s because over the course of day-to-day use, you’re likely to use one service or another that could be linked with your identity, blowing your cover entirely. Instead, Tails should only be used for the specific activities that need to be kept anonymous, and nothing else.

Of course the group is constantly working to fix security issues, and they’re always looking for volunteers to help with the project. They’ve also applied for a grant from the Knight Foundation, and are collecting donations via the Freedom of the Press Foundation, the group that first disclosed Tails’ role in the Snowden story.

That money could go a long way toward helping journalists — and others — stay away from the snoops. Reporters, after all, aren’t always the most tech-savvy people. As Washington Post reporter Barton Gellman told the Freedom of the Press Foundation, "Tails puts the essential tools in one place, with a design that makes it hard to screw them up. I could not have talked to Edward Snowden without this kind of protection. I wish I’d had it years ago."

Well, considering I have used neither, I defer to our resident (or non-resident) expert edward snowden, and would say Tails but that may just be because no one using whonix has been discovered by the NSA yet. In any case, here’s the link to compare the 2.